[Pkg-libvirt-maintainers] Bug#930100: after upgrade to buster, qemu cannot read default spice certs
Sam Hartman
hartmans at debian.org
Thu Jun 6 22:31:51 BST 2019
package: libvirt-daemon-system
severity: important
version: 5.0.0-3
Upgrading stretch to buster.
After the upgrade, libvirt could not read /etc/pki/qemu/server-cert.pem
and server-key.pem.
This is because of the apparmor profile.
I think that's the default place where you're supposed to put spice and
vnc certs if you're using tls.
Please include /etc/pki/qemu and /etc/pki/libvirt-spice (the old
location) as directories that qemu run by libvirt is permitted to read.
More information about the Pkg-libvirt-maintainers
mailing list